mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-20 01:03:23 +03:00
e0cd5b55ce
no issue - this is secured by client credentials - you can only fetch the user info if the user is connected to your blog (invited, owner) - passport ghost instance stores the client credentials in the instance, no need to pass them into - tested on staging
20 lines
500 B
JavaScript
20 lines
500 B
JavaScript
var passport = require('passport'),
|
|
Promise = require('bluebird');
|
|
|
|
module.exports.getUser = function getUser(options) {
|
|
options = options || {};
|
|
|
|
var id = options.id,
|
|
ghostOAuth2Strategy = passport._strategies.ghost;
|
|
|
|
return new Promise(function (resolve, reject) {
|
|
ghostOAuth2Strategy.userProfileByIdentityId(id, function (err, profile) {
|
|
if (err) {
|
|
return reject(err);
|
|
}
|
|
|
|
resolve(profile);
|
|
});
|
|
});
|
|
};
|